1. Field of the Invention
The present invention relates to a communication system, a communication method, a base station apparatus, a controller, a device, and a recording medium storing control program for controlling the base station apparatus, the controller, and the device, and more particularly to a communication system, a communication method, a base station apparatus, a controller, a device, and a recording medium storing control program, using password setting on the device for connection authentication, and a password.
2. Description of the Related Art
Radio communication systems such as Bluetooth, IEEE802.11b, and infrared data communication allow for simultaneous connection of multiple devices, utilizing characteristics of a radio wave. However, sufficient attention must be paid to ensure system security and confidentiality in such radio communication. Conventional security systems for radio communication systems include the radio terminal security system as disclosed in Japanese Patent No. 2872996, and the one-time password system as used in the Internet. These security systems include electronic keys and radio terminals, and prohibit successive use of the same key to increase security, thereby providing increased safety against loss and theft of the key.
The user authentication system used in the Bluetooth is described in the following. The user authentication system used in the Bluetooth is administered by two elements: a unique password set up on each device (called a PIN (Personal Identification Number) code); and an encryption key (called a link key) created by the password and an ID code unique to the device (information such as a 48-bit address, assigned by IEEE).
Consider now the case where a device A makes access to a device B. In the situation in which the device A and the device B are connected with each other for the first time, the device A is required to input the PIN code of the device B. Upon receiving the PIN code from the device A, the device B checks it for validity. If the PIN code is authenticated, then, the device B creates a link key for the device A. The resulting link key is stored together with the unique address of the device A.
If, on the other hand, the device A was connected to the device B in the past, since the link key had already been registered in the device B, authentication is made through the link key. In this way, the Bluetooth provides authentication using the PIN code unique to each device, and the link key table created based on the PIN codes. The PIN code, while being unique, can be altered by the device user into any other string of characters.
The security system disclosed in Japanese Patent No. 2872996, the one-time password system in the Internet, and the user authentication system in the Bluetooth can be said to be password management and authentication systems intended to provide only increased security. The use of the user authentication system in ad hoc network environment causes problems as described below.
As an application of the user authentication system used in the Bluetooth, consider a home network system in which a home-use device is connected to a network. Each individual device is required to establish a fiduciary relationship based on the above user authentication system. Namely, a fiduciary relationship is established by notifying the private PIN code of each individual user to ensure security. However, inexpensive devices such as battery-driven sensor devices do not have interfaces for allowing users to enter the PIN codes. Setting of PIN codes identical to each other is required in establishing connection authentication of devices, which is a cumbersome operation for users in preparing connection of the devices.